package com.yhp.web.filter;

import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.yhp.bean.Users;

/**
 * 登录权限过滤器
 *
 * @author bing.zhang06@hand-china.com 2021/7/31 14:34
 **/
public class LoginFilter implements Filter {
    /**
     * 不需要被过滤器拦截的页面 ，主要用于静态资源的放行
     * 在web.xml中配置filter的init-param
     */
    private String excludedPaths;
    private String[] excludedPathArray;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // 初始化时读取web.xml中配置的init-param
        excludedPaths = filterConfig.getInitParameter("excludedPaths");
        if (excludedPaths != null && !excludedPaths.equals("")) {
            excludedPathArray = excludedPaths.split(",");
        }
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String requestURI = request.getRequestURI();
        Users u1 = (Users) request.getSession().getAttribute("u1");
        System.out.println(requestURI + "----");
        System.out.println("---" + u1);
        // 判断是否是直接放行的请求
        if (u1 == null && !isFilterExcludeRequest(request)) {
            response.sendRedirect("/login.jsp");
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override
    public void destroy() {

    }

    /**
     * 判断是否是 过滤器直接放行的请求
     * 主要用于静态资源的放行
     *
     * @param request
     * @return
     */
    private boolean isFilterExcludeRequest(HttpServletRequest request) {
        if (null != excludedPathArray && excludedPathArray.length > 0) {
            String url = request.getRequestURI();
            for (String ecludedUrl : excludedPathArray) {
                if (ecludedUrl.startsWith("*.")) {
                    // 如果配置的是后缀匹配, 则把前面的*号干掉，然后用endWith来判断
                    if (url.endsWith(ecludedUrl.substring(1))) {
                        return true;
                    }
                } else if (ecludedUrl.endsWith("/*")) {
                    if (!ecludedUrl.startsWith("/")) {
                        // 前缀匹配，必须要是/开头
                        ecludedUrl = "/" + ecludedUrl;
                    }
                    // 如果配置是前缀匹配, 则把最后的*号干掉，然后startWith来判断
                    String prffixStr = request.getContextPath() + ecludedUrl.substring(0, ecludedUrl.length() - 1);
                    if (url.startsWith(prffixStr)) {
                        return true;
                    }
                } else {
                    // 如果不是前缀匹配也不是后缀匹配,那就是全路径匹配
                    if (!ecludedUrl.startsWith("/")) {
                        // 全路径匹配，也必须要是/开头
                        ecludedUrl = "/" + ecludedUrl;
                    }
                    String targetUrl = request.getContextPath() + ecludedUrl;
                    if (url.equals(targetUrl)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }
}
